CVE-2023-50294
N/A
N/A
Summary
The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| WESEEK, Inc. | GROWI | prior to v6.0.6 | affected |
Weaknesses
- Cleartext storage of sensitive information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.